/etc/init.d/vpn
Funktionen
/etc/init.d/vpn start | stop | restart | restart_olsr | restart_tunnel | pingtest | status | check | ifup INTERFACE NODE
Die Funktion "check" wird alle 5 Minuten per Cron ausgeführt und startet den Tunnel bzw. den OLSR-Dienst neu, falls der jeweilige Prozess keine CPU-Zeit mehr verbraucht.
Skript
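#!/bin/sh
#
# /etc/init.d/vpn - control script for the freifunk VPN endpoint.
#
# Drives the vtund tunnel daemon and the olsrd routing daemon, generates
# /etc/olsrd.conf from the "ifup" entries in /etc/vtund.conf and installs
# iptables chains used for traffic accounting on the tap interfaces.
#
# Interface names and node numbers end up in `ip`/`iptables` arguments, in
# ping targets and in the generated olsrd.conf, so they are validated before
# use (see fkt_is_ifname / fkt_is_octet).

# Log a message to syslog (daemon.info, tagged with the script name) and
# print it on stdout.
#   $1 - message text
fkt_infotext() {
  # "--" keeps a message that starts with "-" from being read as an option.
  logger -p daemon.info -t "$0" -- "$1"
  printf '%s\n' "$1"
}

# Succeed if $1 is a decimal number in the range 0..255.
# Node numbers are used as the third octet of 10.63.NODE.x addresses.
fkt_is_octet() {
  case $1 in
    '' | *[!0-9]*) return 1 ;;
  esac
  [ "${#1}" -le 3 ] && [ "$1" -le 255 ]
}

# Succeed if $1 is usable as an interface name argument: non-empty, no
# leading "-" (would be parsed as an option) and only letters, digits,
# "_", "." and "-".
fkt_is_ifname() {
  case $1 in
    '' | -* | *[!A-Za-z0-9_.-]*) return 1 ;;
  esac
  return 0
}

# Rebuild /etc/olsrd.conf: copy the static head and append one Interface
# section per "ifup" line of /etc/vtund.conf (field 3 = interface,
# field 12 = node number).
fkt_write_olsrd_conf() {
  fkt_infotext "generating olsrd.conf ..."
  # Without a fresh head the sections below would pile up on a stale file.
  if ! cp /etc/olsrd.conf_head /etc/olsrd.conf; then
    fkt_infotext "cannot copy /etc/olsrd.conf_head, olsrd.conf left untouched"
    return 1
  fi
  awk '/ifup/ {print $3,$12}' /etc/vtund.conf |
    while read -r IFACE NODE; do
      # Both values are written into the config verbatim; skip anything
      # that is not a plain interface name / octet.
      if ! fkt_is_ifname "$IFACE" || ! fkt_is_octet "$NODE"; then
        fkt_infotext "skipping invalid ifup entry: '$IFACE' '$NODE'"
        continue
      fi
      cat >>/etc/olsrd.conf <<EOF
Interface "$IFACE"
{
    HelloInterval 50.0
    HelloValidityTime 900.0
    TcInterval 30.0
    TcValidityTime 2700.0
    MidInterval 150.0
    MidValidityTime 2700.0
    HnaInterval 150.0
    HnaValidityTime 900.0
    Ip4Broadcast 10.63.$NODE.253
    LinkQualityMult default 0.1
}
EOF
    done
}

# Create the four accounting chains, hook them into INPUT/OUTPUT for all
# tap interfaces and add one rule per configured interface.
#
# NOTE(review): the per-interface rules use -j ACCEPT, so matching tunnel
# traffic is accepted here and never reaches later INPUT/OUTPUT rules. If
# the chains are meant purely for accounting, -j RETURN counts the same
# packets without changing the filtering decision. Left as ACCEPT to keep
# the existing policy.
fkt_netcount_start() {
  fkt_infotext "installing netfilter counters ..."
  iptables -N vpn_user_outgoing
  iptables -N vpn_olsr_outgoing
  iptables -N vpn_user_incoming
  iptables -N vpn_olsr_incoming
  # -I inserts at the top, so the OLSR (udp/698) jump inserted second is
  # evaluated before the general one.
  iptables -I OUTPUT -o tap+ -j vpn_user_outgoing
  iptables -I OUTPUT -o tap+ -p udp --sport 698 -j vpn_olsr_outgoing
  iptables -I INPUT -i tap+ -j vpn_user_incoming
  iptables -I INPUT -i tap+ -p udp --dport 698 -j vpn_olsr_incoming
  awk '/ifup/ {print $3}' /etc/vtund.conf |
    while read -r IFACE; do
      if ! fkt_is_ifname "$IFACE"; then
        fkt_infotext "skipping invalid interface name: '$IFACE'"
        continue
      fi
      # The outgoing chains are reached from OUTPUT, where a packet has no
      # input interface; "-i" never matches there, so match on "-o".
      iptables -I vpn_user_outgoing -o "$IFACE" -j ACCEPT
      iptables -I vpn_olsr_outgoing -o "$IFACE" -j ACCEPT
      iptables -I vpn_user_incoming -i "$IFACE" -j ACCEPT
      iptables -I vpn_olsr_incoming -i "$IFACE" -j ACCEPT
    done
}

# Remove the jumps from INPUT/OUTPUT, then flush and delete the four
# accounting chains.
fkt_netcount_stop() {
  fkt_infotext "deleting netfilter counters ..."
  iptables -D OUTPUT -o tap+ -j vpn_user_outgoing
  iptables -D OUTPUT -o tap+ -p udp --sport 698 -j vpn_olsr_outgoing
  iptables -D INPUT -i tap+ -j vpn_user_incoming
  iptables -D INPUT -i tap+ -p udp --dport 698 -j vpn_olsr_incoming
  for CHAIN in vpn_olsr_outgoing vpn_user_outgoing \
    vpn_olsr_incoming vpn_user_incoming; do
    iptables -F "$CHAIN"
  done
  for CHAIN in vpn_olsr_outgoing vpn_user_outgoing \
    vpn_olsr_incoming vpn_user_incoming; do
    iptables -X "$CHAIN"
  done
}

# Start vtund with /etc/vtund.conf.
fkt_start_vtund() {
  fkt_infotext "starting vtun-daemon ..."
  vtund -f /etc/vtund.conf -s
}

# Start olsrd with the generated /etc/olsrd.conf.
fkt_start_olsrd() {
  fkt_infotext "starting olsr-daemon ..."
  olsrd -f /etc/olsrd.conf -d 0
}

# Stop olsrd: send SIGTERM, wait a few seconds, then SIGKILL whatever is
# still running.
fkt_kill_olsrd() {
  fkt_infotext "ending olsrd-process ..."
  PID=$(pidof olsrd)
  if [ -n "$PID" ]; then
    # Unquoted on purpose: pidof may print several PIDs.
    # shellcheck disable=SC2086
    kill $PID
  fi
  # Give the daemon a moment to exit before falling back to SIGKILL.
  TRIES=3
  while [ "$TRIES" -gt 0 ] && pidof olsrd >/dev/null; do
    sleep 1
    TRIES=$((TRIES - 1))
  done
  PID=$(pidof olsrd)
  if [ -n "$PID" ]; then
    # shellcheck disable=SC2086
    kill -9 $PID
  fi
  return 0
}

# Stop vtund with SIGTERM.
fkt_kill_vtund() {
  fkt_infotext "ending vtund-process ..."
  PID=$(pidof vtund)
  if [ -n "$PID" ]; then
    # Unquoted on purpose: pidof may print several PIDs.
    # shellcheck disable=SC2086
    kill $PID
  fi
  return 0
}

# Configure a tunnel interface and its host route.
#   $1 - interface name
#   $2 - node number (third octet of the 10.63.NODE.x transfer net)
# Returns 1 without touching the network if either argument is invalid.
fkt_interface_up() {
  if ! fkt_is_ifname "$1" || ! fkt_is_octet "$2"; then
    fkt_infotext "ifup: invalid interface '$1' or node '$2'"
    return 1
  fi
  fkt_infotext "starting interface $1 for node $2 ..."
  ip addr add dev "$1" "10.63.$2.254/30" brd "10.63.$2.255"
  ip link set "$1" mtu 1450 up
  fkt_infotext "setting host-routes for node $2 ..."
  ip route add "10.63.$2.253" dev "$1"
}

# Print the olsrd status header (no further details are collected).
fkt_status_olsrd() {
  fkt_infotext "status olsrd:"
}

# List the tap numbers found in the process list together with the
# matching "device tapN" line of /etc/vtund.conf, sorted.
fkt_status_vtund() {
  fkt_infotext "status vtund:"
  # NO is forced to a number ($2*1) before it is spliced into the grep
  # command line, so no text from the process list reaches the shell.
  ps ax |
    awk -F tap '/tap/ {
      if ($2 < 99 && $2 >= 0) {
        NO = $2 * 1
        printf("tap %2i - ", NO)
        system("grep \"device tap" NO " \" /etc/vtund.conf")
      }
    }' |
    sort
}

# Print the packet/byte counters of the INPUT, FORWARD and OUTPUT chains.
fkt_status_netcount() {
  fkt_infotext "status netcount:"
  iptables -nxvL INPUT
  iptables -nxvL FORWARD
  iptables -nxvL OUTPUT
}

# Ping 10.63.NODE.<$1> for every "ifup" entry of /etc/vtund.conf
# (field 1 = label, field 12 = node number) and print the replies.
#   $1 - last octet of the address to probe
fkt_ping_nodes() {
  awk '/ifup/ {print $1,$12}' /etc/vtund.conf |
    while read -r NAME NODE; do
      printf '%s: ' "$NAME"
      # The node number comes from the config file; only a plain octet is
      # turned into an address.
      if fkt_is_octet "$NODE"; then
        ping -c 3 "10.63.$NODE.$1" </dev/null | grep "64 bytes"
      else
        echo "invalid node '$NODE'" >&2
      fi
      echo
    done
}

# Ping the .253 and the .1 address of every configured node.
fkt_pingall_clients() {
  fkt_ping_nodes 253
  fkt_ping_nodes 1
}

# Print field 11 of top's batch output for one process (the TIME+ column
# in procps top - NOTE(review): other top implementations use a different
# layout). Prints nothing if no PID is given.
#   $1 - PID, $2 - process name used to pick the matching output line
fkt_cpu_time() {
  [ -n "$1" ] || return 0
  top -p "$1" -n 1 -b | grep -- "$2" | awk '{print $11}'
}

# Watchdog: sample the CPU time of olsrd and vtund twice, 60 seconds
# apart, and restart a daemon whose value did not change or that has no
# value at all (not running / gone in the meantime).
fkt_check_olsr_and_tunnel() {
  BIN_OLSR="olsrd"
  BIN_VTUN="vtund"
  PID_OLSR="$(pidof -s "$BIN_OLSR")"
  PID_VTUN="$(pidof -s "$BIN_VTUN")"
  OLSR_TIME_1="$(fkt_cpu_time "$PID_OLSR" "$BIN_OLSR")"
  VTUN_TIME_1="$(fkt_cpu_time "$PID_VTUN" "$BIN_VTUN")"
  sleep 60
  OLSR_TIME_2="$(fkt_cpu_time "$PID_OLSR" "$BIN_OLSR")"
  VTUN_TIME_2="$(fkt_cpu_time "$PID_VTUN" "$BIN_VTUN")"
  if [ -z "$OLSR_TIME_2" ] || [ "$OLSR_TIME_1" = "$OLSR_TIME_2" ]; then
    "$0" restart_olsr
  fi
  if [ -z "$VTUN_TIME_2" ] || [ "$VTUN_TIME_1" = "$VTUN_TIME_2" ]; then
    "$0" restart_tunnel
  fi
}

case "${1:-}" in
  start)
    fkt_infotext "Starting freifunk-VPN ..."
    fkt_write_olsrd_conf
    fkt_netcount_start
    fkt_start_vtund
    fkt_start_olsrd
    ;;
  stop)
    fkt_infotext "Stopping freifunk-VPN ..."
    fkt_kill_olsrd
    fkt_kill_vtund
    fkt_netcount_stop
    ;;
  restart)
    "$0" stop
    "$0" start
    ;;
  restart_olsr)
    fkt_infotext "Stopping/Starting freifunk-olsr ..."
    fkt_kill_olsrd
    fkt_start_olsrd
    ;;
  restart_tunnel)
    fkt_infotext "Stopping/Starting freifunk-tunnel ..."
    fkt_kill_vtund
    fkt_start_vtund
    ;;
  status)
    fkt_status_olsrd
    fkt_status_vtund
    fkt_status_netcount
    ;;
  check)
    fkt_check_olsr_and_tunnel
    ;;
  pingtest)
    fkt_pingall_clients
    ;;
  ifup)
    fkt_interface_up "${2:-}" "${3:-}"
    ;;
  *)
    echo "Usage: $0 ( start |stop | restart | restart_olsr | restart_tunnel | pingtest | status | check | ifup INTERFACE NODE)"
    ;;
esac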